Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2025-48600 Vulnerability in google (CVE-2025-48600)
vulnerability in google (CVE-2025-48600). Confidential information can be exposed externally.
CVE-2022-37055 KEV [KEV] Vulnerability in D-link routers (CVE-2022-37055)
vulnerability in D-link routers (CVE-2022-37055). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-66644 KEV [KEV] OS Command Injection in Array networks array-networks (CVE-2025-66644)
OS command injection in Array networks array-networks (CVE-2025-66644). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-34291 KEV [KEV] Vulnerability in langflow (CVE-2025-34291)
vulnerability in langflow (CVE-2025-34291). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.7.0` or later.
CVE-2025-55182 KEV [KEV] Vulnerability in Meta react-server-components (CVE-2025-55182)
vulnerability in Meta react-server-components (CVE-2025-55182). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-40251 Vulnerability in c (CVE-2025-40251)
vulnerability in c (CVE-2025-40251). Risk of unauthorized operations or information disclosure. Exploitable via ``rate_leaf_parent_set``.
CVE-2021-26828 KEV [KEV] Unrestricted File Upload in Openplc scadabr (CVE-2021-26828)
vulnerability in Openplc scadabr (CVE-2021-26828). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-65955 Vulnerability in imagemagick (CVE-2025-65955)
vulnerability in imagemagick (CVE-2025-65955). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `7.1.2-9` or later.
CVE-2025-48633 KEV [KEV] Vulnerability in Android framework (CVE-2025-48633)
vulnerability in Android framework (CVE-2025-48633). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-48572 KEV [KEV] Vulnerability in Android platform/frameworks/base (CVE-2025-48572)
vulnerability in Android platform/frameworks/base (CVE-2025-48572). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `14:2025-12-01` or later.
CVE-2021-26829 KEV [KEV] Cross-Site Scripting (XSS) in Openplc scadabr (CVE-2021-26829)
cross-site scripting in Openplc scadabr (CVE-2021-26829). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61167 SQL Injection in sqli (CVE-2025-61167)
SQL injection in sqli (CVE-2025-61167). Risk of unauthorized operations or information disclosure.
CVE-2025-61168 Unsafe Deserialization in sigb (CVE-2025-61168)
vulnerability in sigb (CVE-2025-61168). Successful exploitation can lead to full system takeover.
CVE-2025-64047 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /user/user-move.php.
CVE-2025-64048 Cross-Site Scripting (XSS) in yccms (CVE-2025-64048)
cross-site scripting in yccms (CVE-2025-64048). Risk of unauthorized operations or information disclosure.
CVE-2025-61757 KEV [KEV] Vulnerability in Oracle fusion-middleware (CVE-2025-61757)
vulnerability in Oracle fusion-middleware (CVE-2025-61757). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-13223 KEV [KEV] Vulnerability in Google chromium-v8 (CVE-2025-13223)
vulnerability in Google chromium-v8 (CVE-2025-13223). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61662 Use-After-Free in dos (CVE-2025-61662)
vulnerability in dos (CVE-2025-61662). Successful exploitation can lead to full system takeover.
CVE-2025-58413 Vulnerability in fortinet (CVE-2025-58413)
vulnerability in fortinet (CVE-2025-58413). Successful exploitation can lead to full system takeover.
CVE-2025-53843 Vulnerability in fortinet (CVE-2025-53843)
vulnerability in fortinet (CVE-2025-53843). Successful exploitation can lead to full system takeover.
CVE-2025-54821 Privilege Escalation in fortinet (CVE-2025-54821)
vulnerability in fortinet (CVE-2025-54821). Risk of unauthorized operations or information disclosure.
CVE-2025-63892 Cross-Site Scripting (XSS) in remyandrade (CVE-2025-63892)
cross-site scripting in remyandrade (CVE-2025-63892). Successful exploitation can lead to full system takeover.
CVE-2025-58034 KEV [KEV] OS Command Injection in Fortinet fortiweb (CVE-2025-58034)
OS command injection in Fortinet fortiweb (CVE-2025-58034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-63748 Unrestricted File Upload in testmanagement (CVE-2025-63748)
vulnerability in testmanagement (CVE-2025-63748). Successful exploitation can lead to full system takeover.
CVE-2025-64046 OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting (XSS) in /system/update-run.php.
CVE-2025-64446 KEV [KEV] Vulnerability in Fortinet fortiweb (CVE-2025-64446)
vulnerability in Fortinet fortiweb (CVE-2025-64446). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-40164 Vulnerability in c (CVE-2025-40164)
vulnerability in c (CVE-2025-40164). Risk of unauthorized operations or information disclosure.
CVE-2025-62215 KEV [KEV] Vulnerability in Microsoft windows (CVE-2025-62215)
vulnerability in Microsoft windows (CVE-2025-62215). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-9242 KEV [KEV] Out-of-Bounds Write in Watchguard firebox (CVE-2025-9242)
out-of-bounds write in Watchguard firebox (CVE-2025-9242). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-12480 KEV [KEV] Vulnerability in Gladinet triofox (CVE-2025-12480)
vulnerability in Gladinet triofox (CVE-2025-12480). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-62199 Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-60724 Vulnerability in microsoft (CVE-2025-60724)
vulnerability in microsoft (CVE-2025-60724). Successful exploitation can lead to full system takeover.
CVE-2025-30398 Vulnerability in microsoft (CVE-2025-30398)
vulnerability in microsoft (CVE-2025-30398). Confidential information can be exposed externally.
CVE-2025-21042 KEV [KEV] Out-of-Bounds Write in Samsung mobile-devices (CVE-2025-21042)
out-of-bounds write in Samsung mobile-devices (CVE-2025-21042). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-43438 Use-After-Free in apple (CVE-2025-43438)
vulnerability in apple (CVE-2025-43438). Risk of unauthorized operations or information disclosure.
CVE-2025-43433 Out-of-Bounds Write in apple (CVE-2025-43433)
out-of-bounds write in apple (CVE-2025-43433). Successful exploitation can lead to full system takeover.
CVE-2025-43441 Buffer Overflow in apple (CVE-2025-43441)
vulnerability in apple (CVE-2025-43441). Risk of unauthorized operations or information disclosure.
CVE-2025-43407 This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS...
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS...
CVE-2025-11371 KEV [KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371)
vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-48703 KEV [KEV] OS Command Injection in Cwp control-web-panel (CVE-2025-48703)
OS command injection in Cwp control-web-panel (CVE-2025-48703). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61498 Vulnerability in dos (CVE-2025-61498)
vulnerability in dos (CVE-2025-61498). Risk of unauthorized operations or information disclosure.
CVE-2025-62230 Use-After-Free in xorg (CVE-2025-62230)
vulnerability in xorg (CVE-2025-62230). Confidential information can be exposed externally.
CVE-2025-62231 Vulnerability in xorg (CVE-2025-62231)
vulnerability in xorg (CVE-2025-62231). Confidential information can be exposed externally.
CVE-2025-41244 KEV [KEV] Vulnerability in Broadcom vmware-aria-operations-and-vmware-tools (CVE-2025-41244)
vulnerability in Broadcom vmware-aria-operations-and-vmware-tools (CVE-2025-41244). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24893 KEV [KEV] Vulnerability in Xwiki platform (CVE-2025-24893)
vulnerability in Xwiki platform (CVE-2025-24893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
CVE-2025-6204 KEV [KEV] Code Injection in Dassault systèmes dassault-systemes (CVE-2025-6204)
code injection in Dassault systèmes dassault-systemes (CVE-2025-6204). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-6205 KEV [KEV] Vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205)
vulnerability in Dassault systèmes dassault-systemes (CVE-2025-6205). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-61795 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-61795). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.0.110, 10.1.47, 11.0.12` or later.
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →